Loading ...

Author: FarmhouseNetworking

Zero Trust – Software Patching

This is the seventh in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on software patching. 

Software Patching

Software patching is a neccesity because no person who writes code is perfect and hackers are actively looking for these mistakes. The hackers find the mistakes and then develop ways of using these to exploit the software, computer, or whatever else they can gain access to. The only way to combat both the mistakes and the exploits is to discover them before the hackers do and patch the hole in the software. This patch can however lead to unforseen consequences to the software, so a plan for testing and deployment of patches is needed to avoid unexpected downtime to businesses.Here are some questions to ask:

  • Do you know all of the hardware and software on your network?
  • Do you check for hardware, operating system, and other software regularly?
  • How do you check for updates, patches, or upgrades to software?
  • How do you install these patches? Is it automated?
  • Are these patches tested before installation?
  • What happens if a patch causes problems?
  • Do you have a log of all installed updates?
  • Are any systems or software on your network no longer supported for updates?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Surviving a Flood

Had a client walk into their office to find it flooded with an inch and a half of water on the ground and it got me thinking about what could be done to mitigate the risks associated with this sort of “Act of God” at the office.

Can’t Stop the Flood

It goes without saying that there is no way to realistically prevent a flood besides the usual preventative building maintenance that most businesses are not in control of anyways. It makes sense then to choose an office space where the owner is into proactive repairs on the building, even if it costs a little extra per month. It would also be good to talk to your business insurance provider to make sure that such Acts of God are covered. Clean-up and recovery though usually covered by the building owner can get expensive if your contract doesn’t cover it. 

Prepare for the Worst

Practically speaking it may not be possible to keep computers out of the water in a flood. At this particular client we did have the computers up on blocks just in case of this very thing. All network equipment should also be in a safe place, ideally in a locked cabinet high off the ground.

Recovery can happen

If the worst does happen, the first thing to do is shut off the electricity to the building. After that take careful inventory of all that is plugged in and remove it from electrical outlets. If equipment is wet, keep it unplugged for a couple days in a dry environment to make sure it is free from moisture. Once sure it is dry, plug in the equipment and test whether it will come back online. If anything was submerged in water, it is best to plan on replacing it as most water has minerals in it that will stick to components in the computer and could cause and electrical short.

If your company is not ready for the worst, then contact us for assistance.

RMM Automation: Sort Files Into Folders Based on Filename

Optimize File Storage - Clackmas, OR

As our business continues to focus on providing white labeled Tier 3 IT support services, RMM as a service, and co-managed IT services this blog will be highlighting tips for RMM automation. Here is a script that we came up with to handle a particular client that dumps tons of PDFs into a folder unsorted and wants individual folders created for each unique file name. We have tailored this script to be used not only at that client but for any folder on any Microsoft Windows computer that needs to be sorted in this manner. This script could easily be modified to sort other types of files.

Variables

Here are the variables we are using for this script:

  • $SourceFolder = This is the target folder to be sorted

Script Snippet

# Defines the folder that sorted data will go into 
$TargetFolder = $SourceFolder + " Sorted"

#Defines how to match files with similar names, in this case we put files with the same name then a dash or underscore and other numbers or letters to be placed in the same folder
$MatchRegEx = "[-_]"


#Grabs only the PDF files in the folder being sorted (modify for other extension types or remove filter to sort all files)
Get-ChildItem -Path $SourceFolder -Filter *.pdf |
    ForEach-Object {
        #Creates folder name for child folders in sorted data
        $FileNameFolder = $_.Name -split $MatchRegEx
        $ChildPath = Join-Path -Path $FileNameFolder[0].Replace('.pdf','') -ChildPath $_.Name

        [System.IO.FileInfo]$Destination = Join-Path -Path $TargetFolder -ChildPath $ChildPath

        #Checks if folder exists and if not creates child folder
        if( -not ( Test-Path -Path $Destination.Directory.FullName -erroraction silentlycontinue) ){
            New-Item -ItemType Directory -Path $Destination.Directory.FullName
            }

        #Copies file into child folder
        Copy-Item -Path $_.FullName -Destination $Destination.FullName
        }

This script is non-destructive meaning that the files are copied and not moved. This script gives screen output of each new child folder created.

If your company is a MSP or wants to become one and automation just seems out of reach, then contact us to run your RMM for you.

Zero Trust – Endpoint Security

Endpoint Security - Clackamas, OR

This is the sixth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on endpoint security. 

Endpoint Security

Endpoint security is a fancy term used to describe how the computers on the network are protected. This used to be done by antivirus but due to the complexity of the attacks hackers are using to compromise networks these days, the definition has expanded greatly. This now includes things like Enhanced Detection & Response software, Security Operations Centers, DNS Filtering, employee train and more. Here are some questions that you should be asking yourself:

  • Are your endpoints protected by antivirus or enhanced detection & response?
  • Is website traffic being monitored? Restricted?
  • Are your employees being trained in cyber security?
  • Are computer logs being monitored for malicious activity?
  • Would unusual or suspicious activity on a computer be noticed? Alerted on?
  • Do you have security permissions set on all file shares?
  • Do you have least privileged access configured on those shares?
  • Do you keep track of what software is installed on all workstations?
  • Do you block access to unauthorized software?
  • Are files encrypted on servers and workstations?
  • Are your mobile devices managed? Can you wipe them remotely?
  • Are USB ports blocking removeable storage devices?
  • Are endpoints set to automatically log-out?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Zero Trust – Password Management

Password - Grants Pass, OR

This is the fifth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on password management. 

Password Management

Password management is the concept that you are not using the same password for all sites and services. So it is necessary to have a means to track and protect those passwords from others accessing or using them without consent. Here are some questions that you should be asking yourself:

  • How do you keep track of passwords? paper? spreadsheet? program?
  • Are your passwords encrypted? Are they guessable? Are they changed regularly?
  • Do you have a password policy?
  • What do you do when someone leaves the company?
  • Do you take advantage of 2FA or MFA?
  • Do you take advantage of single sign-on?

Take time to think about these questions and decide where changes can be made to better protect your passwords, or contact us to do the thinking for you.

Zero Trust – Trusted Vendors

This is the second in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on the vendors you purchase network equipment from. 

Trusted Vendors

Trusted vendors are those who supply workstations, servers, routers, switches, power protection, software, and anything else connected to your network. Here are some questions that you should be asking yourself:

  • Do you know who makes your network equipment, servers, computers, and software?
  • Do you know the way to contact their support and have current account access information?
  • Do you have current warranties / support contracts on hardware and software?
  • Is the hardware able to perform at the level needed?
  • Are you purchasing software from those who meets industry standards?
  • If a subscription, how much are you paying and are you on the correct plan for your needs?
  • When is the last time you upgraded your software and hardware?
  • Have you budgeted for the next upgrade?

Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.

Zero Trust – Physical Security

This is the first in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on the physical security surrounding your network. 
 

Physical Security

Physical security can include the locks on the doors, where things are placed, and how they are protected from the unpredictability of the environment. Here are some questions that you should be asking yourself:

  • Do you know where your network equipment is located?
  • Is the server / network in a separate area from where work is done?
  • Is this separate area behind a locked door?
  • Is the equipment in a locked rack or cabinet?
  • Is there a separate air conditioning zone for this area (servers like it cold)?
  • Is there a separate alarm zone for this equipment?
  • Who has the codes?
  • Is there a security camera watching this area (we don’t install these)?
  • How long is the recording for?
  • Who has access to the recordings?
  • Are computers located in areas where customers can physically touch them?
  • Are unused USB ports on the computer turned off or locked?
  • Are all systems protected by battery backup devices?
  • Are all systems off the floor in case of a flood?

Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.

US Takes Action Against Russian Cyber Threats

We caught wind of two separate actions the US has taken against Cyber Threats from Russia over the weekend:

Kaspersky

The first is news that the US Federal Communications Commission has added Russian cybersecurity company Kaspersky Lab to its list of entities that pose an “unacceptable risk to US national security,” according to a report from Bloomberg. This company has been banned from use by government agencies since 2017 when a bill was signed due to the companies ties to the Kremlin. 

Russian Hackers

The second article was a press release from the FBI stating that:

“The Department of Justice unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government, with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018. In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”

This hacking activity should be another wake-up call to American businesses to harden their defenses and remain vigilant against cyber security threats. These people are nationally sponsored criminals and we must protect ourselves. 

If your company is currently using Kaspersky or any other Russian based vendors, then it is time to carefully consider whether to continue being connected with them and contact us for assistance migrating to a trusted source.

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2022- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

    Something went wrong, try refreshing and submitting the form again.